Submitted URL: http://quickcreditapproval.com/
Effective URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=late...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On June 01 via api from IT — Scanned from IT

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 172.67.69.179, located in United States and belongs to CLOUDFLARENET, US. The main domain is gamerafflezone.com.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2024. Valid for: 3 months.
This is the only time gamerafflezone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 72.52.178.23 32244 (LIQUIDWEB)
4 76.223.26.96 16509 (AMAZON-02)
1 18.66.121.138 16509 (AMAZON-02)
2 34.196.141.191 14618 (AMAZON-AES)
9 172.67.69.179 13335 (CLOUDFLAR...)
4 104.17.24.14 13335 (CLOUDFLAR...)
12 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
33 7
Apex Domain
Subdomains
Transfer
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 30080
9 gamerafflezone.com
gamerafflezone.com
48 KB
5 quickcreditapproval.com
quickcreditapproval.com
ww12.quickcreditapproval.com
5 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
96 KB
3 woudaufe.net
woudaufe.net — Cisco Umbrella Rank: 460162
16 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11492
546 B
1 hrodg-hrk.com
hrodg-hrk.com
1 KB
1 fabri-qwi.com
fabri-qwi.com
3 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
33 9
Domain Requested by
9 jouteetu.net woudaufe.net
9 gamerafflezone.com hrodg-hrk.com
gamerafflezone.com
woudaufe.net
4 cdnjs.cloudflare.com gamerafflezone.com
4 ww12.quickcreditapproval.com d38psrni17bvxu.cloudfront.net
ww12.quickcreditapproval.com
3 woudaufe.net gamerafflezone.com
woudaufe.net
1 my.rtmark.net woudaufe.net
1 hrodg-hrk.com fabri-qwi.com
1 fabri-qwi.com ww12.quickcreditapproval.com
1 d38psrni17bvxu.cloudfront.net ww12.quickcreditapproval.com
1 quickcreditapproval.com 1 redirects
33 10

This site contains no links.

Subject Issuer Validity Valid
zeropark.com
Amazon RSA 2048 M01
2023-07-12 -
2024-08-09
a year crt.sh
hrodg-hrk.com
Amazon RSA 2048 M03
2024-05-28 -
2025-06-26
a year crt.sh
gamerafflezone.com
GTS CA 1P5
2024-04-30 -
2024-07-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
woudaufe.net
R3
2024-04-15 -
2024-07-14
3 months crt.sh
jouteetu.net
R3
2024-05-14 -
2024-08-12
3 months crt.sh
rtmark.net
R3
2024-05-11 -
2024-08-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Frame ID: 813ECC3A36904E316629FA9CDFE3BFC2
Requests: 33 HTTP requests in this frame

Screenshot

Page Title

Super premio!

Page URL History Show full URLs

  1. http://quickcreditapproval.com/ HTTP 307
    https://quickcreditapproval.com/ HTTP 307
    http://quickcreditapproval.com/ HTTP 302
    http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
    https://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
    http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 Page URL
  2. http://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://hrodg-hrk.com/zclkredirect?visitid=f888ef96-2024-11ef-bcd6-1228ab920df3&type=js&browserWid... Page URL
  4. https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

82 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

7
IPs

3
Countries

171 kB
Transfer

698 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://quickcreditapproval.com/ HTTP 307
    https://quickcreditapproval.com/ HTTP 307
    http://quickcreditapproval.com/ HTTP 302
    http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
    https://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
    http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 Page URL
  2. http://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415 HTTP 307
    https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415 Page URL
  3. https://hrodg-hrk.com/zclkredirect?visitid=f888ef96-2024-11ef-bcd6-1228ab920df3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
  4. https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://quickcreditapproval.com/ HTTP 307
  • https://quickcreditapproval.com/ HTTP 307
  • http://quickcreditapproval.com/ HTTP 302
  • http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
  • https://ww12.quickcreditapproval.com/?usid=17&utid=32675747129 HTTP 307
  • http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Request Chain 5
  • http://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415 HTTP 307
  • https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww12.quickcreditapproval.com/
Redirect Chain
  • http://quickcreditapproval.com/
  • https://quickcreditapproval.com/
  • http://quickcreditapproval.com/
  • http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
  • https://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
  • http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
2 KB
2 KB
Document
General
Full URL
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
d57822385e392f63f1fb9173aa5d1c4e9e241af31a489dde19843b1196297874

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Jun 2024 14:41:03 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pHImqwWyLspz6wYjxThF3II5Cf+gTvtoDYq10EV9TmmbNhCcxpIJtTGUdUdiXmJOnMSVzp8tPjs/Rb7+4Kv4QA==
X-Buckets
bucket011
X-Domain
quickcreditapproval.com
X-Language
italian
X-Redirect
zeropark_zeroclick
X-Subdomain
ww12
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

Location
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Non-Authoritative-Reason
HttpsUpgrades
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
2 KB
Script
General
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ww12.quickcreditapproval.com
URL: http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Protocol
HTTP/1.1
Server
18.66.121.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-138.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
http://ww12.quickcreditapproval.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Sat, 01 Jun 2024 04:34:04 GMT
Via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Mar 2024 11:48:11 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
36419
ETag
"65fc1e7b-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
jg3R0mmhlAxfnUSgpjeE_T-6eswH3Nz81QzTPlNTyrQovq4SKiithQ==
track.php
ww12.quickcreditapproval.com/
0
608 B
XHR
General
Full URL
http://ww12.quickcreditapproval.com/track.php?domain=quickcreditapproval.com&toggle=browserjs&uid=MTcxNzI1Mjg2My4wNzc6YmUzY2UzNzUyZmQ5NGM1ZWQ3N2MxYzBjM2ZjMTMxNjMyMTRmMmIwZGUxOTUzM2ZiODkwMGEyZmIwZTAxYTA3NTo2NjViMzJmZjEyY2Q0
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Sat, 01 Jun 2024 14:41:04 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
ww12.quickcreditapproval.com/
16 B
906 B
XHR
General
Full URL
http://ww12.quickcreditapproval.com/ls.php?t=665b32ff&token=60ac30555da71c60c13c477267fda2e78c94fc74
Requested by
Host: ww12.quickcreditapproval.com
URL: http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Sat, 01 Jun 2024 14:41:04 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_buiIjDtTMT+pqQ8FjsMBvjzNHJEyfS7CcJm8jv9eMMnXQs5spG2pp4Ey/NV5vaNSg6u33BxUE7R43Az2kJ3q0Q==
Connection
keep-alive
X-Log-Success
665b3300d1b01e91a1073065
track.php
ww12.quickcreditapproval.com/
0
623 B
XHR
General
Full URL
http://ww12.quickcreditapproval.com/track.php?click=bca2e4f1c6b8fc272016038d75bc342a483d8e83&domain=quickcreditapproval.com&uid=MTcxNzI1Mjg2My4wNzc6YmUzY2UzNzUyZmQ5NGM1ZWQ3N2MxYzBjM2ZjMTMxNjMyMTRmMmIwZGUxOTUzM2ZiODkwMGEyZmIwZTAxYTA3NTo2NjViMzJmZjEyY2Q0&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NjViMzJmZjEyY2E1fHx8MTcxNzI1Mjg2My40MzIxfDA2MDMzYTgyZWVhZjIyZTZhZTBiMGY4YTkwZDFhMzg4Zjc1MDcxMDF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw2MGFjMzA1NTVkYTcxYzYwYzEzYzQ3NzI2N2ZkYTJlNzhjOTRmYzc0fDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Sat, 01 Jun 2024 14:41:04 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/
Redirect Chain
  • http://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415
  • https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415
3 KB
3 KB
Document
General
Full URL
https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415
Requested by
Host: ww12.quickcreditapproval.com
URL: http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.141.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-141-191.compute-1.amazonaws.com
Software
/
Resource Hash
78f62f8c4b9f45e09a48cf22e32868390d99cf26f5b4978d55f1ea70893f7ba4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
http://ww12.quickcreditapproval.com/?usid=17&utid=32675747129
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 01 Jun 2024 14:41:05 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
hrodg-hrk.com/
732 B
1 KB
Document
General
Full URL
https://hrodg-hrk.com/zclkredirect?visitid=f888ef96-2024-11ef-bcd6-1228ab920df3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Requested by
Host: fabri-qwi.com
URL: https://fabri-qwi.com/zclkvisitor/f888ef96-2024-11ef-bcd6-1228ab920df3/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e5001800-1f2e-11ef-b3d8-0affd04c9415
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.141.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-141-191.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://fabri-qwi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 01 Jun 2024 14:41:05 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request 650
gamerafflezone.com/page/m1g0l5/
18 KB
5 KB
Document
General
Full URL
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Requested by
Host: hrodg-hrk.com
URL: https://hrodg-hrk.com/zclkredirect?visitid=f888ef96-2024-11ef-bcd6-1228ab920df3&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8081074683ba72ce31d7ac2bb6db8ce038497c8bbb281ef6aebe47aa0a6452

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hrodg-hrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
88cff6709e57bab5-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 01 Jun 2024 14:41:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7f6SSJVnI8vjeC3Mu008LqWteJav0Kp9g2e%2B2plLt6lv9thALiWIx0ypcdP49Qso4TKpt2EsJrvkWcr8JAsInFn3nwQF4Iz%2BI620gYmJLBqXF0qMRS4hK6PtxsawWv5hXIang%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://gamerafflezone.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
144901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27446
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64ed75bb-6b36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArhVqZBIjgOvmGgxDAdCIqylZA1cqxPzEU02b73MFcCtPCN8lL6rVzlubInz1PzCbiXp0qgxU%2BBlBHWyhwbGhtbOdz1N%2BQmy0Dv%2B9pKGYDf9WYlRmsfBcKDYO8o8VIzHVpxNGuuC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88cff675dc6a4c44-MXP
expires
Thu, 22 May 2025 14:41:07 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/
227 KB
22 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://gamerafflezone.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6390967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22709
last-modified
Tue, 20 Feb 2024 15:32:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65d4c5f6-58b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubeCCTxAdthLwc6BsALXysNNqJQkNG3A2J%2BycXT2xCHF44qPuMJF%2BfmHmlqaKClEgCktlNzLhjtFu5F%2BCa6t9qgNw5SdaDq9JT%2F5Qq5Ow2ojg5xZGjxLnzYOD6XMdsxLvsBG2tRl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88cff675dc5f4c44-MXP
expires
Thu, 22 May 2025 14:41:07 GMT
bootstrap.bundle.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/
203 KB
36 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://gamerafflezone.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1260973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36257
last-modified
Tue, 20 Feb 2024 15:32:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65d4c5f6-8da1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oill6D%2FGbSF1L10X810VYZS074pxJDx0jlx7bprLzE%2Be7wXKizzB5OVWMl%2BMqAWgkueCGVFqBaLwt7e47iRPKq0pCm0hDRBE%2BltAPJaouonlfzfDV9eE%2FMyh1y7Q2YVxf1xwx9y%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88cff675dc664c44-MXP
expires
Thu, 22 May 2025 14:41:07 GMT
style.min.css
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/css/style.min.css?v=1.15
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1229a31c253f94264172d95933eeaacce78213fc40f58db7ebc027383b5d9de

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 May 2024 09:25:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4638
etag
W/"6655a2f0-1f1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdrL1ARvCVIpBjcs%2BpzggCnuk7h7XTHL7R6P4GD4sgz%2FgQ9DkzNufwQr2ZpRHXvX%2BE6%2BCkpgN6ck8DnMxafZbKWz7TKwIuTPzn%2BV91X%2BGYF8o83KMEWOC1aXqk9X4zp6po%2Bopw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88cff6732b05bab5-MXP
alt-svc
h3=":443"; ma=86400
preload_o.min.js
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/js/
17 KB
5 KB
Script
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/js/preload_o.min.js?v=1.15
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 May 2024 09:25:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4639
etag
W/"6655a2f0-4497"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FLQEeSw24BFsKoQjOj%2FA47Y2b4VInqpZlXgYMdH%2Bz92JkZe1Q32y5lr2B%2BG0BOqAIr9pn%2F3fACqLIqwD6S9hMvA%2FgvS6VHIco69RzEZgJ80zsyt2W2gG28z2uOTuT3YExvrPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88cff67b09a7bab5-MXP
alt-svc
h3=":443"; ma=86400
box_letter.css
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/templates/box/
2 KB
919 B
Stylesheet
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/templates/box/box_letter.css?v=1.15
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc10dac87ad7b385deb51a24597ec481ca2bf2ec0407ddb7af5b8b5d67e1b18f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4638
cf-polished
origSize=3211
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 May 2024 09:25:04 GMT
server
cloudflare
etag
W/"6655a2f0-c8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAnDS4zqXj3JYmAIznlUEG%2F4sJGSpyPRzJdEVzcPs6spzT5bOUtXKMkm6k71wpgcCu6AEpZHm50qhy9Nlh%2BCGZ%2BCEMrIM6%2FgJ89kSnNuST6ovDozWGWwpJTIxtMcWnEOz1n%2BaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88cff6732b09bab5-MXP
box_o.js
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/js/
4 KB
2 KB
Script
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/assets/js/box_o.js?v=1.15
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361ee89ad0d7a524dc000e4dd95b8f9b07361860882b56c25c82f309f542f5cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 28 May 2024 09:25:04 GMT
server
cloudflare
age
4639
etag
W/"6655a2f0-1053"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDTm2bylXeXBFXI4SE%2BuCA9rGmtP3mKsQWnnP8AjKyCQY3R9Mjox65P5IJ5lN%2BvDXdL4gUWdr%2BbuA6ShoY%2FtSDS%2Bj7q553psKBHJ%2F0MyP810FB1vyCgrDibuumlx61Pf87rJRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88cff67b09b5bab5-MXP
alt-svc
h3=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://gamerafflezone.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
143458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTRFeGlCFhL1StZ1e8CBX8gjZWz8BBPPrKMg8jO9WwhdpTYfdahXjtJW80K9sSytI3im8vJ77RUiAO2r5FncAghFsbgyTRLWW8%2BygoceP1%2BpUZEpZQcIAnZCOJmo2Xs3MKZ72EQn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88cff675dc644c44-MXP
expires
Thu, 22 May 2025 14:41:07 GMT
micro.tag.min.js
woudaufe.net/pfe/current/
36 KB
15 KB
Script
General
Full URL
https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b70039f4395de3d5ef841c74a23054b07d438bf83df4ca6558dd90d86b765e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 01 Jun 2024 14:41:08 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2024 14:14:40 GMT
server
nginx
etag
W/"6659db50-9185"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
logo.png
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/themes/tar/904-oIWe-seleccionador/img/
16 KB
16 KB
Image
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/themes/tar/904-oIWe-seleccionador/img/logo.png
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39637bb3ac472eb7e69820b0a69aeb0f3bf7df9f5ed145a97cab40029ae71d78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4638
cf-polished
origFmt=png, origSize=16882
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
16374
cf-bgj
imgq:85,h2pri
last-modified
Thu, 30 May 2024 07:41:25 GMT
server
cloudflare
etag
"66582da5-41f2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL9oATPFz6oZiFP%2F61AgNQIwS7OAUXyXovvUL9p6bgPEB5DRXcOdC4mYuitj74lE9QcT2P04GFngHvTTyytarXO8AXB5okzhi4Yzq2i1EOWuzJxGKi9Lb6RFTnUJ56fkkUTM%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88cff67b29febab5-MXP
letter-00.png
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/seasons/162/
15 KB
15 KB
Image
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/seasons/162/letter-00.png
Requested by
Host: gamerafflezone.com
URL: https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54047c016a6178f26ebb35610bb7cef12916df10bc4c8c10d3552f2224b9456

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page/m1g0l5/650?campaign=ThUvIf8&cost=0.003500&type=DOMAIN&keyword=&currency=usd&aff_source=lateritious-falcon&creative_id=yankee-hao-1jdnwzmlno&aff_transaction_id=zrf888ef96202411efbcd61228ab920df34c44fa55112b408fb8de5508b40b8c960825507c915ec81905
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4638
cf-polished
origFmt=png, origSize=25236
content-disposition
inline; filename="letter-00.webp"
alt-svc
h3=":443"; ma=86400
content-length
14970
cf-bgj
imgq:85,h2pri
last-modified
Thu, 30 May 2024 07:41:25 GMT
server
cloudflare
etag
"66582da5-6294"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6u%2BEbUTQw13psQ9AgjYx1KwNs9x1Biy%2F3Qq8ZOzZRvLOlh9d4eJNW6%2F0wcT5P7wKkF5NVkRN4FI9V8uTSn8bGLfd4%2Bc5JCY5V2LS0jXbh5TevR4aRMm3%2BMhYoqucQ03j3qt4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88cff67b2a04bab5-MXP
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sw-check-permissions-82431.js
gamerafflezone.com/
0
644 B
Other
General
Full URL
https://gamerafflezone.com/sw-check-permissions-82431.js?zoneId=5759770
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
661
cf-polished
origSize=566
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 May 2024 09:25:04 GMT
server
cloudflare
etag
W/"6655a2f0-236"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dEb21MQdXx%2B5V%2FeJCIAeC9nlpsXuz7Ew3ocKQdAIt9wZraoL%2BGTdno92lAghP726g%2FppGYjgsJAr5vqmp6hzOu6So0pBxuFsN%2BUQbCKh1OGXdDAOkePXHFKjFoAtL9j8ZG8%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88cff67d9ef5bab5-MXP
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
woudaufe.net/
0
370 B
Ping
General
Full URL
https://woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=gamerafflezone.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.516&trace_id=f6e3e299-5f32-4ea7-9bd0-bc5d72a24727&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9&drf=https://hrodg-hrk.com/
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
ddb08132b3fe569cafbf9d850487fa5e
date
Sat, 01 Jun 2024 14:41:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin
https://gamerafflezone.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
546 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5759770&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
946509dd989ab9b6166e3d03f5b4f872b370f9a9038669b8b86b817f956cc040
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gamerafflezone.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

favicon_9.png
gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/favicon/
400 B
798 B
Other
General
Full URL
https://gamerafflezone.com/assets/atfadv/ittar904-oiwe-seleccionadorSobresm1g0l5/650/favicon/favicon_9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a53eed6af17a6e3a0bfd738fb7f674ba11d5f5afc720eac66b7e41f19e555b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/page
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:41:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4616
cf-polished
origFmt=png, origSize=474
content-disposition
inline; filename="favicon_9.webp"
alt-svc
h3=":443"; ma=86400
content-length
400
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 May 2024 09:25:04 GMT
server
cloudflare
etag
"6655a2f0-1da"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sw0IfTqEmwLQSnwyK5e9eR4vrLEC4eDUzQDs%2FSdT2NiG7dCcfseMF%2FusElxIBKcGWcf5Y1Y3VsxPXlW%2BHOMzwEwv%2FOZg7CCcowhfQa5HFgHt9VhuubKdJeW%2B%2FFGsb7p3mCc9Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88cff67e5837bab5-MXP
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
woudaufe.net/
826 B
1 KB
Fetch
General
Full URL
https://woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=gamerafflezone.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.516&trace_id=f6e3e299-5f32-4ea7-9bd0-bc5d72a24727&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b8e6beba43040338fe994396b7f77a281f58b8da94344fb7a10bfe8b144f7e74
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
661856e10fa14767a46f5bed46404276
date
Sat, 01 Jun 2024 14:41:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gamerafflezone.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
826
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gamerafflezone.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap string| portal string| lang string| iso3 string| theme string| season1 string| season2 string| template string| template1 string| template2 string| campanya string| campanya1 string| campanya2 string| prize string| brand_price object| prizes string| coin string| coin_position string| brand_country object| dayNames object| monthNames string| img_regalo string| minutos_y string| minutos string| segundos string| url_f object| modalOptions string| prl_domain_c string| prl_user string| prl_urlini string| browser string| so string| kt string| u_isp string| u_city string| u_region string| u_device string| u_device_brand string| brand_m string| brand_p string| brand_c string| type boolean| box_ini object| _0xc62d object| s object| _0x56ff function| _0x5a1a function| setCookie function| getCookie function| checkCookie function| deleteCookie function| stepfinal boolean| p_form_post_send function| goToUrlFinish function| getBrowser function| getPlatform function| getChromeVersion undefined| a function| getUrlParameter function| updateURLParameter function| updateURLParameterF function| addZero function| startTimer number| prl_timer_seconds number| prl_timer_seconds_iluminate function| secondPassed undefined| canvasConfetti undefined| ctx undefined| W_Confetti undefined| H_Confetti number| mp_Confetti string| tid string| tsource string| tpp3 string| tcode string| tpartner string| test_partner string| kpartner string| id string| plo string| flcm string| pk_c string| url string| url_i object| url_parts string| url_params string| countdownTimer function| ajax_event undefined| deactivationTimerHandler undefined| reactivationTimerHandler undefined| animationHandler object| particles number| angleConfetti number| tiltAngle boolean| confettiActive boolean| confettiIniciated boolean| animationComplete object| particleColors function| confettiParticle function| SetGlobalsConfetti function| InitializeConfetti function| Draw function| RandomFromTo function| UpdateConfetti function| CheckForRepositionConfetti function| stepParticleConfetti function| repositionParticleConfetti function| StartConfetti function| ClearTimers function| DeactivateConfetti function| StopConfetti function| RestartConfetti function| SetupConfetti function| requestAnimFrame object| _0xf0ef function| _0x24d5 number| count number| intentos boolean| puedo object| preBoxCaj object| zfgformats

1 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: 01806e10aa9c4972f61ddfe3e67ffd1b

1 Console Messages

Source Level URL
Text
other warning URL: https://gamerafflezone.com/page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d38psrni17bvxu.cloudfront.net
fabri-qwi.com
gamerafflezone.com
hrodg-hrk.com
jouteetu.net
my.rtmark.net
quickcreditapproval.com
woudaufe.net
ww12.quickcreditapproval.com
104.17.24.14
139.45.195.8
139.45.197.251
172.67.69.179
18.66.121.138
34.196.141.191
72.52.178.23
76.223.26.96
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
15a53eed6af17a6e3a0bfd738fb7f674ba11d5f5afc720eac66b7e41f19e555b
361ee89ad0d7a524dc000e4dd95b8f9b07361860882b56c25c82f309f542f5cc
39637bb3ac472eb7e69820b0a69aeb0f3bf7df9f5ed145a97cab40029ae71d78
3b8081074683ba72ce31d7ac2bb6db8ce038497c8bbb281ef6aebe47aa0a6452
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
78f62f8c4b9f45e09a48cf22e32868390d99cf26f5b4978d55f1ea70893f7ba4
7b70039f4395de3d5ef841c74a23054b07d438bf83df4ca6558dd90d86b765e8
946509dd989ab9b6166e3d03f5b4f872b370f9a9038669b8b86b817f956cc040
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3
a1229a31c253f94264172d95933eeaacce78213fc40f58db7ebc027383b5d9de
b54047c016a6178f26ebb35610bb7cef12916df10bc4c8c10d3552f2224b9456
b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c
b8e6beba43040338fe994396b7f77a281f58b8da94344fb7a10bfe8b144f7e74
d57822385e392f63f1fb9173aa5d1c4e9e241af31a489dde19843b1196297874
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc10dac87ad7b385deb51a24597ec481ca2bf2ec0407ddb7af5b8b5d67e1b18f
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a